We are thrilled to announce 📢 Kosli is now SOC 2 Type 2 compliant - Read more
New Feature: Kosli Trails is liveCreate comprehensive audit trails for any DevOps activity - Read more
kosli change log image - with cli screen reading kosli-changelog|main-April-2024 showing all changes successfully

Kosli Changelog - April 2024

Steve Tooke
Author Steve Tooke
Published May 20, 2024 in technology
clock icon 3 min read

We’ve kept ourselves busy this April, in spite of the holidays and the call of the sunny outdoors. This month, Kosli has been improved with  a number of new features and quality of life enhancements that we think you’ll like.

Add support for AWS Code Build environment default variables in the cli

If you use AWS Code Build as your CI system, Kosli CLI (starting from v2.9.1) will default the following flag values for you:

  • --commit-url
  • --git-commit
  • --commit
  • --build-url

Attestation file download

It’s now possible to download any attestation’s attachment in a Trail directly from the attestation’s content, making it a little bit easier for you to access the information you need.

Attestation annotations

When you make an attestation using the kosli attest commands, you can now include some annotations that will display in the attestation details in the Trail events list. This is useful for including reference information or URLs that should be easy to find, for example, in the cyber-dojo differ pipeline, we annotate the artifact attestation with the URL of the image in DockerHub, e.g.:

$ URL="https://hub.docker.com/layers/cyberdojo/differ/${IMAGE_TAG}/images/sha256-${FINGERPRINT}" 
$ kosli attest artifact "${IMAGE_NAME}" \


This is then available in the attestation as a clickable link.

Attestation clickable link - Kosli

The –annotate [key=value] flag is available for all kosli attest commands

Support creating Kosli webhooks for LaunchDarkly

It’s now possible to display changes to feature flags from LaunchDarkly in a Kosli Trail.
Switching on the integration in the application will provide you with a webhook url and a secret, which can then be saved in LaunchDarkly. From then on, when a feature flag is created or changed in Launchdarkly, the change will be recorded in Kosli.

Control traffic egress through an HTTP Proxy

From version v2.9.1 all CLI commands now support a –http-proxy flag. This can be set to the URL of a proxy server inside the firewall, allowing traffic bound for https://app.kosli.com (the default for the –host flag) to be controlled in a single place.

Support specifying a koslipaths.yaml for kosli snapshot server command

Starting from Kosli CLI v2.10.1 , the new “kosli snapshot path” and “kosli snapshot paths” replace “kosli snapshot server” which  has been deprecated. The two new commands allow you to snapshot one or multiple artifacts on a physical/virtual host. When snapshotting multiple artifacts, you can declaratively define artifact names and which paths to include/exclude from fingerprinting using a koslipaths file

CLI command documentation now has live examples

Many commands, such as kosli attest artifact, now have live examples in their CLI documentation. Each example gives:

  1. The command in use inside a live CI pipeline

  2. The event in https://app.kosli.com corresponding to the most recent run of the command.  

Corresponding events in Kosli

Kosli CLI supports local config for your common flags

Starting from Kosli CLI v2.9.0, you can store any CLI flag values that you commonly use with Kosli commands (e.g. organization and flow names) in a local config file in your home directory. The config file can be managed using the “kosli config” command or by directly editing the file.

For added security, the API token value is always stored encrypted using your local keystore (e.g keychain on Mac or keyring on Linux).


Published May 20, 2024, in technology


You might like

Stay in the loop with the Kosli newsletter

Get the latest updates, tutorials, news and more, delivered right to your inbox
Kosli is committed to protecting and respecting your privacy. By submitting this newsletter request, I consent to Kosli sending me marketing communications via email. I may opt out at any time. For information about our privacy practices, please visit Kosli's privacy policy.
Kosli team reading the newsletter

Got a question about Kosli?

We’re here to help, our customers range from larges fintechs, medtechs and regulated business all looking to streamline their DevOps audit trails

Contact us
Developers using Kosli